Cyber spooks hint at hard work defending election from hackers

Glasgow: The international Five Eyes network of cyber spies believes Australia is at risk from foreign interference in its federal election, including direct hacks and targeted "fake news", a security conference has been told.

Disinformation is proving to be a broader challenge for the agencies because of how it intersects with free speech, one expert said.

Illustration: Dionne GainCredit:

Australia’s top secret cyber security agency revealed on Wednesday it is on high alert to guard Australia against such threats during the campaign.

Scott MacLeod, assistant director-general for "Protect, Assure and Enable" at the Australian Signals Directorate, made a rare public appearance at the CyberUK security conference in Scotland on Wednesday.

Advertisement

Alongside colleagues from security agencies in the other Five Eyes nations, MacLeod said electoral security was a critical priority.

"On the current federal election we have put a lot of time and effort into it," he said. "Our role is purely technical support, and I think it’s a journey that will go for some time."

The Australian Signals Directorate.Credit:Richard Briggs

The "Five Eyes" network of cyber surveillance, which includes Australia, New Zealand, Canada, the UK and US, is monitoring cyber intrusion into electoral systems and political parties, and the more subtle challenge of weaponised disinformation.

The ASD is Australia’s lead agency in Five Eyes. Its primary role is to pass foreign "signals" intelligence and information security resources to other agencies including the Australian government and defence force.

MacLeod said Australian security partnerships were "really important" to the ASD.

Ciaran Martin, chief executive officer of the UK’s National Cyber Security Centre, said the Five Eyes nations had set up arrangements to share intelligence on electoral security threats.

Loading

"This shows Five Eyes at its best," he said. "There is a threat… [and] this is getting harder. It’s a fast-moving threat picture and when we first started to deal with it we worried about ‘hack and leak’ but now disinformation is a harder nut to crack. It goes to the heart of free speech."

In the 2016 US presidential election Russia reportedly used both methods in support of the Trump campaign, spreading disinformation on social networks and coordinating a hack of the Clinton campaign and Democratic party that led to the release of damaging emails.

Martin said spreading online disinformation during an election wasn’t a cyber attack or a crime, but it was nevertheless dangerous and corrosive.

"Risk appetite on elections is basically zero," he said. "We should take comfort in that: election security is critically important."

Rob Joyce, senior cyber security advisor at the US National Security Agency (NSA), said there were "people looking to influence the voters and elections, and [to] come in and touch the infrastructure".

Scott Jones, head of the Canadian Centre for Cyber Security, said voters were "most likely to be targeted by foreign actors through misinformation campaigns".

"I never thought a cyber intelligence agency head would be talking about fake news, but it’s something we have to tackle," he said.

Loading

The NSA’s Joyce said countries violating norms in cyberspace could be counted on one hand.

He singled out Russia, Iran, China and North Korea.

In February the Australian government revealed it had been the victim of a cyber attack which prime minister Scott Morrison said was the work of "a sophisticated state actor".

Computers in parliament and the Liberal, Labor and National parties had been targeted.

Australian Signals Directorate chief Mike Burgess said later a limited amount of non-confidential data had been stolen in the attack on Parliament House.

Burgess said the ASD "have our suspicions" as to who was behind the breach.

"Attribution is a really difficult thing, so tying it down to a particular country, a particular organisation and perhaps particular individuals, is a piece of work that takes considerable time," he said.

On Wednesday the ASD’s MacLeod said attribution was not a trivial problem.

"There are people who think they understand it, but it's very complex," he said. "It's a very high bar for us, and we feed the information to the government and they make the decision on public attribution."

But the NSA’s Joyce said the Five Eyes nations must "get comfortable" in calling out nations over cyber attacks, because attribution created international pressure for nations to behave better.

MacLeod also highlighted the importance of education for the nation’s cyber defence.

He said it was "going to be very important" that five year-old Australian children were taught how to write code.